How do I "get rid" of network credentials?

pokeefe0001 · 16 Aug 2016

I have backup software that takes a backup to a secure share on a NAS drive. When it's done the connection/session/whatever is left open so the share can still be accessed without reentering the credentials. How do I tell windows to break the connection (or whatever the appropriate term is) so that credentials have to be entered again?

I know rebooting works. I assume logging off and back on also works. Is there some simple command to break the connection?

bro67 · 16 Aug 2016

You should never remove those credentials. If you do, it will stop the backup software from working like it should be. It is only allowing the computer to connect to the NAS. In no way would anyone else to be able to hook up a computer and gain access to those shares, without knowing the username and password.

pokeefe0001 · 16 Aug 2016

I'm not worried about other computers. I'm ore worried about stuff like ransom-ware on this computer mucking with the backups. Ideally, I would like the backup task running under it's own userid so no other tasks would have access to the share. I definitely want no access to the share once the backup is done. (It's hours since the backup finished and my id still has access to the share. Bad!)

I guess I should probably look into doing backups via FTP rather than SMB.

bro67 · 16 Aug 2016

Even if malware got on your machine. With that connection port open for SMB/CFS or FTP SSH, the malware would have to be programmed to understand how to use Linux to attach the payload to a file. The majority of times that people get infected is opening up emails from unknown people, visiting websites that use a pop-up to deliver the payload. Then it just has to wait for the right time for you to open up or run the file for it to spread across a network. Majority of viri are written to work out of the temp folder for your browser and OS, along with using third party cookies to help deliver.

If you run a Anti-Malware software, it is programmed to look at certain services, the Temp folders and Cookies. That is really all that they do.

pokeefe0001 · 17 Aug 2016

I have security software, but I don't trust it's catching everything. I am very careful about opening emails from unknown sources (and typically look at the email source to see if it looks suspicious), but I make mistakes. Restoration of the PC is an obvious last resort for a bad infection. The one thing I could not cope with is ransomware encrypting my backups, so that is what I'm trying to address here. As far as I know, ransomeware could access and encrypt files on a NAS as easily as files on a local drive as long as the network credentials have been given to Windows and it has an "SMB-over-IP" connection established. If I could run my backups under a userid that did nothing but run the backups I would be safe, but I don't know how to do that. I think I would be safe with FTP because the ransomeware would have to have a built-in FTP client, would have to know the name or IP address of my NAS, and would have to have the FTP credentials. None of those things are impossible, but it seems like a lot of work for little payback for the ransomer.